It is the Masonic Villages of the Grand Lodge of Pennsylvania’s (hereafter referred to as “Masonic Villages”) policy to respect your privacy regarding any information we may collect while operating our websites.
Like most website operators, Masonic Villages collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. Masonic Villages’ purpose in collecting non-personally identifying information is to better understand how Masonic Villages’ visitors use its website. From time to time, Masonic Villages may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.
Masonic Villages also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in users and for users leaving comments on Masonic Villages’ member sites. Masonic Villages only discloses logged in user and commenter IP addresses under the same circumstances that it uses and discloses personally-identifying information as described below, except that site commenter IP addresses are visible and disclosed to the administrators of the site where the comment was left.
Gathering of Personally-Identifying Information
Certain visitors to Masonic Villages’ websites choose to interact with Masonic Villages in ways that require Masonic Villages to gather personally-identifying information. The amount and type of information that Masonic Villages gathers depends on the nature of the interaction. Those who engage in transactions with Masonic Villages are asked to provide additional information, including as necessary the personal and financial information required to process those transactions. In each case, Masonic Villages collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor’s interaction with Masonic Villages. Masonic Villages does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.
Masonic Villages may collect statistics about the behavior of visitors to its websites. For instance, Masonic Villages may monitor the most popular member sites on the Masonic Villages site. Masonic Villages may display this information publicly or provide it to others. However, Masonic Villages does not disclose personally-identifying information other than as described below.
Protection of Certain Personally-Identifying Information
Masonic Villages discloses potentially personally-identifying and personally-identifying information only to those of its employees, contractors and affiliated organizations that (i) need to know that information in order to process it on Masonic Villages’ behalf or to provide services available at Masonic Villages’ websites, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using Masonic Villages’ websites, you consent to the transfer of such information to them. Masonic Villages will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than to its employees, contractors and affiliated organizations, as described above, Masonic Villages discloses potentially personally-identifying and personally-identifying information only in response to a subpoena, court order or other governmental request, or when Masonic Villages believes in good faith that disclosure is reasonably necessary to protect the property or rights of Masonic, third parties or the public at large. If you are a registered user of a Masonic Villages website and have supplied your email address, Masonic Villages may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with Masonic Villages and our products. We expect to keep this type of email to a minimum. If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. Masonic Villages takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.
Masonic Villages maintains a list of email addresses of users who have specifically opted to receive mailings and newsletters from us relating to the Masonic Villages retirement living communities, services and events. Participation in this mailing list is strictly voluntary, and any user may opt out at any point by emailing email@example.com a message with a subject of “unsubscribe” from the email address they wish removed from the list. Email addresses from this mailing list are only used for these notifications, and will not be distributed to any third party.
If Masonic Villages, or substantially all of its assets were acquired, or in the unlikely event that Masonic Villages goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Masonic Villages may continue to use your personal information as set forth in this policy.
HIPAA– Health Insurance Portability and Accountability Act: Privacy Notice
MASONIC VILLAGES—NOTICE OF PRIVACY PRACTICES
Revised Date: January, 2015
I. THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
II. WE HAVE A LEGAL DUTY TO SAFEGUARD YOUR PROTECTED HEALTH INFORMATION (PHI)
We are required to protect the privacy of your health information. We call this information “protected health information,” or “PHI” for short and it includes information that can be used to identify you. We are required by law, to notify you if there is a breach of your unsecured PHI. We must provide you with this notice about our privacy practices that explains how, when, and why we use and disclose your PHI. With some exceptions, we may not use or disclose any more of your PHI than is necessary to accomplish the purpose of the use or disclosure.
However, we reserve the right to change the terms of this notice and our privacy policies at any time. Any changes will apply to the PHI we already have. Before we make an important change to our policies, we will promptly change this notice and post a new notice on public bulletin boards. You can also request a copy of this notice from the admissions or marketing office at any time.
III. HOW WE MAY USE AND DISCLOSE YOUR PROTECTED HEALTH INFORMATION
We use and disclose health information for many different reasons. For some of these uses or disclosures, we need your prior consent or specific authorization. Below, we describe the different categories of our uses and disclosures and give you some examples of each category.
A. Uses and Disclosures Relating to Treatment, Payment, or Health Care Operations. We may use and disclose your PHI for the following purposes:
1. For treatment. We may disclose your PHI to physicians, nurses, medical students, and other health care personnel who provide you with health care services or are involved in your care. For example, if you’re being treated for a knee injury, we may disclose your PHI to the rehabilitation department in order to coordinate your care.
2. To obtain payment for treatment. We may use and disclose your PHI in order to bill and collect payment for the treatment and services provided to you. For example, we may provide portions of your PHI to our billing department and your health plan to get paid for the health care services we provided to you. We may also provide your PHI to our business associates, such as billing companies, claims processing companies, and others that process our health care claims. If we disclose PHI to a business associate, we will do so subject to a contract that requires the business associate to appropriately safeguard and restrict the use of your medical information to the purposes of the arrangement, as required under HIPAA and its regulations, including requiring the business associate to have a contract with any subcontractors the business associate may use to perform a function involving medical information.
3. For health care operations. We may disclose your PHI in order to operate this facility. For example, we may use your PHI in order to evaluate the quality of health care services that you received or to evaluate the performance of the health care professionals who provided health care services to you. We may also provide your PHI to our accountants, attorneys, consultants, and others in order to make sure we’re complying with the laws that affect us.
B. Certain Additional Uses and Disclosures Do Not Require Your Consent. We may use and disclose your PHI without your consent or authorization for the following reasons:
1. For public health activities. For example, we report information about births, deaths, and various diseases, to government officials in charge of collecting that information, and we provide coroners, medical examiners, and funeral directors necessary information relating to an individual’s death.
2. For health oversight activities. For example, we will provide information to assist the government when it conducts an investigation or inspection of a health care provider or organization.
3. For purpose of organ donation. We may notify organ procurement organizations to assist them in organ, eye, or tissue donation and transplants.
4. For research purposes. In certain circumstances, we may provide PHI in order to conduct medical research.
5. To avoid harm. In order to avoid a serious threat to the health or safety of a person or the public, we may provide PHI to law enforcement personnel or persons able to prevent or lessen such harm.
6. When a disclosure is required by federal, state, or local law, judicial or administrative proceedings, or law enforcement. For example, we make disclosures when a law requires that we report information to government agencies and law enforcement personnel about victims of abuse, neglect, or domestic violence; when dealing with gunshot and other wounds; or when ordered in judicial or administrative proceedings.
7. For specific government functions. We may disclose PHI of military personnel and veterans in certain situations. And we may disclose PHI for national security purposes, such as protecting the president of the United States or conducting intelligence operations.
8. Coroners, Medical Examiners, and Funeral Directors. We may disclose your medical information to coroners, medical examiners or funeral directors as necessary for them to carry out their duties.
9. For workers’ compensation purposes. We may provide PHI in order to comply with workers’ compensation laws.
10. Appointment reminders and health-related benefits or services. We may use PHI to provide appointment reminders or give you information about treatment alternatives, or other health care services or benefits we offer.
11. Fundraising activities. We may use PHI to raise funds for our organization. The money raised through these activities is used to expand and support the health care services and educational programs we provide to the community. See Section IV. for “The Right to Opt-Out of Receiving Future Fundraising Notices”.
C. Uses and Disclosures for Which You Have the Opportunity to Object.
1. Patient directories. We may include your name, location in this facility, general condition, and religious affiliation, in our patient directory for use by clergy and visitors who ask for you by name, unless you object in whole or part. The opportunity to consent may be obtained retroactively in emergency situations.
2. Disclosures to family, friends, or others. We may provide your PHI to a family member, friend, or other person that you indicate is involved in your care or the payment for your health care, unless you object in whole or in part. The opportunity to consent may be obtained retroactively in emergency situations.
D. Uses and Disclosures Require Your Prior Written Authorization. In any other situation not described in sections III A, B, and C above, we will ask for your written authorization before using or disclosing any of your PHI. If you choose to sign an authorization to disclose your PHI, you can later revoke that authorization in writing to stop any future uses and disclosures (to the extent that we haven’t taken any action relying on the authorization), including:
A. For marketing purposes. Marketing purposes include subsidized treatment communications, as well as for communications about health-related products or services if we receive “financial remuneration” in exchange for making the communication from or on behalf of the third party whose product or service is being described.
B. For Sale of PHI. If we directly or indirectly receive remuneration from or on behalf of the recipient of the PHI in exchange for the disclosure of PHI. This can include but not limited to transfers of ownership of PHI, agreements to access PHI, licenses to use PHI and lease agreements.
C. For most Psychotherapy notes. We may not use or disclose your psychotherapy notes without your written authorization.
IV. WHAT RIGHTS YOU HAVE REGARDING YOUR PHI
You have the following rights with respect to your PHI:
A. The Right to Request Limits on Uses and Disclosures of Your PHI. You have the right to ask that we limit how we use and disclose your PHI. We will consider your request but are not legally required to accept it. If we accept your request, we will put any limits in writing and abide by them except in emergency situations. You may not limit the uses and disclosures that we are legally required or allowed to make.
B. The Right to Choose How We Send PHI to You. You have the right to ask that we send information to you to an alternate address or by alternate means (for example, e-mail instead of regular mail). We must agree to your request so long as we can easily provide it in the format you requested.
C. The Right to See and Get Copies of your PHI. In most cases, you have the right to look at or get copies of your PHI that we have, but you must make the request in writing. In certain situations, we may deny your request. If we do, we will tell you, in writing, our reasons for the denial and explain your right to have the denial reviewed. There may be charges for copies made.
D. The Right to Get a List of the Disclosures We Have Made. You have the right to get a list of instances in which we have disclosed your PHI. The list will not include uses or disclosures that you have already consented to, such as those made for treatment, payment, or health care operations, directly to you, to your family, or in our facility directory. The list also won’t include uses and disclosures made for national security purposes, to corrections, or law enforcement personnel.
E. The Right to Correct or Update your PHI. If you believe there is a mistake in your PHI or that a piece of important information is missing, you have the right to request that we correct the existing information or add the missing information. You must provide the request and your reason for the request in writing. We will respond within 60 days of receiving your request. We may deny your request in writing if the PHI is (i) correct and complete, (ii) not created by us, (iii) not allowed to be disclosed, or (iv) not part of our records. Our written denial will state the reasons for the denial and explain your right to file a written statement of disagreement with the denial. If you don’t file one, you have the right to request that your request and our denial be attached to all future disclosures of your PHI. If we approve your request, we will make the change to your PHI, tell you that we have done it, and tell others that need to know about the change to your PHI.
F. The Right to Restrict Disclosure of PHI when Paying Out of Pocket. You have the right to ask that we do not disclose PHI to a health plan for payment, or health care operations, where service is paid out-of-pocket in full by you, someone on your behalf or another health plan, unless required by law.
G. The Right to Opt-Out of Receiving Future Fundraising Notices. You have the right to request we no longer contact you with future fundraising notices. Please note: If you would like to start receiving fundraising notices again after you have opted-out, you will need to contact us to add your name back on the fundraising notice list. To opt-out or add your name back on the list for fundraising notices, please contact the, Gift Planning Office at 1-800-599-6454.
H. Right to Notice if Your Medical Information is Breached. You have the right to be notified following a breach involving your unsecured medical information. We will provide you with written notice of a breach unless we determine through a risk assessment that there is a low probability that the privacy and/or security of your medical information has been compromised.
I. Right to a Paper Copy of this Notice. You have the right to obtain a paper copy of this Notice, even if you have previously agreed to receive this Notice electronically. You may request a copy of this Notice at any time.
V. HOW TO COMPLAIN ABOUT OUR PRIVACY PRACTICES
If you think that we may have violated your privacy rights, or you disagree with a decision we made about access to your PHI, you may file a complaint with the person listed in Section VI below. You also may send a written complaint to the Secretary of the Department of Health and Human Services. We will take no retaliatory action against you if you file a complaint about our privacy practices.
VI. PERSON TO CONTACT FOR INFORMATION ABOUT THIS NOTICE OR TO COMPLAIN ABOUT OUR PRIVACY PRACTICES
If you have any questions about this notice or any complaints about our privacy practices, or would like to know how to file a complaint with the Secretary of the Department of Health and Human Services, please contact: the, Chief Compliance Officer, 717-367-1121, Ext. 33223.